/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */

import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 *
 * @author Mona
 */
public class SignIn extends HttpServlet {

   

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /**
     * Handles the HTTP <code>GET</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.sendRedirect("notFound.jsp");
    }

    /**
     * Handles the HTTP <code>POST</code> method.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
	try{				
		String email = request.getParameter("email");
		String password = request.getParameter("password");

		Class.forName("com.mysql.jdbc.Driver").newInstance();
		Connection con = DriverManager.getConnection("jdbc:mysql://localhost/Shopping","root","asmaaelmasry");
			
                PreparedStatement stmt = con.prepareStatement("select id,name,password,Role from User where email = ?");
                stmt.setString(1, email);
                ResultSet result = stmt.executeQuery();               
                
		if(result.next() && result.getString(3).equals(password)){
			HttpSession session = request.getSession(true);
			session.setAttribute("id", result.getString(1));
                        session.setAttribute("name", result.getString(2));
                        session.setAttribute("email", email);
                        session.setAttribute("role", result.getString(4));
			response.sendRedirect("index.jsp");
		}else
			response.sendRedirect("signin.jsp?usr=notFound");
		
	}catch(Exception ex){
            Logger.getLogger(SignIn.class.getName()).log(Level.SEVERE.SEVERE, null, ex);
            response.sendRedirect("error.jsp");
	}	
    }

    /**
     * Returns a short description of the servlet.
     *
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>

}
